feat: implement Phase 2 validation improvements

Phase 2 Professional Validation Features: 1. Validation Profiles: - minimal: Only required fields - runtime: Critical errors + security warnings - ai-friendly: Balanced (default) - strict: All checks + best practices 2. New Node Validators: - Webhook: Path validation, response modes, auth warnings - PostgreSQL: SQL injection detection, query safety - MySQL: Similar to Postgres with MySQL-specific checks 3. New Tools: - validate_node_minimal: Lightning-fast required field checking - Updated validate_node_operation with profile support 4. SQL Safety Features: - Detects template expressions vulnerable to injection - Warns about DELETE/UPDATE without WHERE - Catches dangerous operations (DROP, TRUNCATE) - Suggests parameterized queries 5. Enhanced Coverage: - Now supports 7+ major nodes with specific validators - Flexible validation based on use case - Professional-grade safety checks This completes the major validation system overhaul from the original plan. 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-24 10:56:59 +02:00
parent 8f5c34179b
commit 42a24278db
8 changed files with 689 additions and 35 deletions
--- a/src/services/enhanced-config-validator.ts
+++ b/src/services/enhanced-config-validator.ts
@@ -10,9 +10,11 @@ import { NodeSpecificValidators, NodeValidationContext } from './node-specific-v
 import { ExampleGenerator } from './example-generator';

 export type ValidationMode = 'full' | 'operation' | 'minimal';
+export type ValidationProfile = 'strict' | 'runtime' | 'ai-friendly' | 'minimal';

 export interface EnhancedValidationResult extends ValidationResult {
  mode: ValidationMode;
+  profile?: ValidationProfile;
  operation?: {
    resource?: string;
    operation?: string;
@@ -40,7 +42,8 @@ export class EnhancedConfigValidator extends ConfigValidator {
    nodeType: string,
    config: Record<string, any>,
    properties: any[],
-    mode: ValidationMode = 'operation'
+    mode: ValidationMode = 'operation',
+    profile: ValidationProfile = 'ai-friendly'
  ): EnhancedValidationResult {
    // Extract operation context from config
    const operationContext = this.extractOperationContext(config);
@@ -60,11 +63,15 @@ export class EnhancedConfigValidator extends ConfigValidator {
    const enhancedResult: EnhancedValidationResult = {
      ...baseResult,
      mode,
+      profile,
      operation: operationContext,
      examples: [],
      nextSteps: []
    };
    
+    // Apply profile-based filtering
+    this.applyProfileFilters(enhancedResult, profile);
+    
    // Add operation-specific enhancements
    this.addOperationSpecificEnhancements(nodeType, config, enhancedResult);
    
@@ -216,6 +223,18 @@ export class EnhancedConfigValidator extends ConfigValidator {
      case 'nodes-base.mongoDb':
        NodeSpecificValidators.validateMongoDB(context);
        break;
+        
+      case 'nodes-base.webhook':
+        NodeSpecificValidators.validateWebhook(context);
+        break;
+        
+      case 'nodes-base.postgres':
+        NodeSpecificValidators.validatePostgres(context);
+        break;
+        
+      case 'nodes-base.mysql':
+        NodeSpecificValidators.validateMySQL(context);
+        break;
    }
    
    // Update autofix if changes were made
@@ -441,4 +460,50 @@ export class EnhancedConfigValidator extends ConfigValidator {
    
    return Array.from(seen.values());
  }
+  
+  /**
+   * Apply profile-based filtering to validation results
+   */
+  private static applyProfileFilters(
+    result: EnhancedValidationResult,
+    profile: ValidationProfile
+  ): void {
+    switch (profile) {
+      case 'minimal':
+        // Only keep missing required errors
+        result.errors = result.errors.filter(e => e.type === 'missing_required');
+        result.warnings = [];
+        result.suggestions = [];
+        break;
+        
+      case 'runtime':
+        // Keep critical runtime errors only
+        result.errors = result.errors.filter(e => 
+          e.type === 'missing_required' || 
+          e.type === 'invalid_value' ||
+          (e.type === 'invalid_type' && e.message.includes('undefined'))
+        );
+        // Keep only security warnings
+        result.warnings = result.warnings.filter(w => w.type === 'security');
+        result.suggestions = [];
+        break;
+        
+      case 'strict':
+        // Keep everything, add more suggestions
+        if (result.warnings.length === 0 && result.errors.length === 0) {
+          result.suggestions.push('Consider adding error handling and timeout configuration');
+          result.suggestions.push('Add authentication if connecting to external services');
+        }
+        break;
+        
+      case 'ai-friendly':
+      default:
+        // Current behavior - balanced for AI agents
+        // Filter out noise but keep helpful warnings
+        result.warnings = result.warnings.filter(w => 
+          w.type !== 'inefficient' || !w.property?.startsWith('_')
+        );
+        break;
+    }
+  }
 }